[clug] Dangerous Dave's talk

Scott Ferguson scott.ferguson.clug at gmail.com
Wed Mar 4 03:43:24 MST 2015

On 04/03/15 21:07, Kim Holburn wrote:
> On 2015/Mar/01, at 6:36 PM, Luke Mewburn wrote:
>> On Sun, Mar 01, 2015 at 08:01:46AM +0100, Owen Cook wrote:
>>  | To date I have done my banking etc through a different user with minimum access. I use Firefox and check cookies.
>>  | 
>>  | So lets try a VM, in this case SUSE-13.2. I start up Firefox, go to my bank, and check the cookies.
> I'm not sure a VM makes anything more secure.  A VM client is only as secure as its host?  A live CD might be better or just a USB stick.  Tails?
1++  Very much agreed.

A VM will make things more secure - sometimes. Unfortunately it's only
with the benefit of hindsight to determine which times those are.
Perhaps, currently, most of the time - but it's unlikely to remain that
same for ever, and won't protect against targeted attacks.

At best, "less worse" than not using a VM (against dumb attacks).

A live CD is better - *if* kept updated. An OS installed to a USB Key is
(possibly?) not quite as secure as a Live CD, but is easier to keep updated.

None of the approaches will overcome insecure hardware.


Kind regards

More information about the linux mailing list